<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">(apologies any repetition awaiting
moderation)<br>
<br>
FYI the link I gave originally had a (registration req.) Download,
which is no longer there. A link a screenshot of the relevant page
is <a
href="https://twitter.com/CasparBowden/status/462967989495558144/photo/1/large">here</a>,
including the tables of stats, and the text (for context) below
[my emphasis in red]<br>
<br>
CB<br>
<br>
On 04/05/14 09:11, Ben Laurie wrote:<br>
</div>
<blockquote
cite="mid:CAG5KPzzHK18s=9aUBtPyHq_91JR6Qc2OJ3a6iP5LC7w9UpJ1OQ@mail.gmail.com"
type="cite">
<pre wrap="">On 2 May 2014 11:39, Caspar Bowden (lists) <a class="moz-txt-link-rfc2396E" href="mailto:lists@casparbowden.net"><lists@casparbowden.net></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Relax guys, those of you straining to achieve 10^9 speed-up in homomorphic
crypto, or other ingenious ways to use crypto in Cloud computing can slacken
the pace.
Apparently one third of IT managers* (Q.25), are already using crypto in
Cloud applications, and they have exclusive control of the key, so panic
over.
</pre>
</blockquote>
<pre wrap="">
That is not what he said at all. He said that .25 have their data
encrypted at rest. No mention whatsoever of who controls the keys.
</pre>
</blockquote>
<br>
<b>Who controls the encryption keys</b><br>
<br>
Figure 24 examines the issue of control over encryption keys in the
cloud environment for both encryption of data<br>
at rest and encryption of data at the application level. Thirty-four
percent of respondents believe their organization<br>
is in control of encryption keys for <font color="#ff0000"><b>both</b></font>
data encrypted at the <b><font color="#ff0000">application level</font></b>
and at rest in the cloud<br>
environment. Another 28 percent and 29 percent believe control of
encryption keys is a <font color="#ff0000"><b>shared activity
between</b><b><br>
</b><b>the organization and the cloud provider</b></font>. Only 19
percent and 17 percent of respondents, respectively, view the<br>
cloud provider as having control over encryption keys for either
encryption at the application level or for data at<br>
rest<br>
<br>
[Figure 24]<br>
<br>
Figure 25 shows German organizations are the most likely to say
their organizations have control of encryption<br>
keys <b><font color="#ff0000">at the application level </font></b>and
for data at rest in the cloud. Brazilian respondents are the least
likely to say their<br>
organizations have control over encryption keys at the application
level and for data at rest in the cloud.<br>
<br>
<b>Figure 25. Percentage of respondents who say their organization
is in control of encryption keys</b><br>
Consolidated analysis for encryption at <b><font color="#ff0000">both
the application level</font></b> and for data at rest in the
cloud by country<br>
sample<br>
<br>
[Figure 25]<br>
</body>
</html>